<?php

$host="localhost"; // Host name 
$user="root"; // Mysql username 
$pass=""; // Mysql password 
//$db_name="sevenbits"; // Database name 
$db_name = "paradigmshift_dev";
$tbl_name="account"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$user", "$pass")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$username=$_POST['username']; 
$password=$_POST['password'];   

// To protect MySQL injection (more detail about MySQL injection)
$username = mysql_real_escape_string(stripslashes($username));
$password = mysql_real_escape_string(stripslashes($password));
$sql="SELECT * FROM $tbl_name WHERE accName ='$username' and PASSWORD ='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
//session_register("username"); deprecated
//session_register("password");  deprecated
session_start();
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$_SESSION['logged-in'] = true;
mysql_close('$host','$user','$pass');
header("location:bootstrapDemo2.php");

}
else {
header("location:bootstrapDemo.php");
}
?>